Optimize and add new diagnostic logs

wso2-extensions · Jun 23, 2023 · 8236693 · 8236693
1 parent af33f9a
commit 8236693
Show file tree

Hide file tree

Showing 6 changed files with 44 additions and 35 deletions.
diff --git a/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java b/...oint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java
@@ -570,18 +570,19 @@ private Response handleResponseFromConsent(OAuthMessage oAuthMessage) throws OAu
             URISyntaxException, ConsentHandlingFailedException {
 
         if (LoggerUtils.isDiagnosticLogsEnabled()) {
-            Map<String, Object> params = new HashMap<>();
+            DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
+                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "receive-consent-response");
             if (oAuthMessage.getRequest() != null && MapUtils.isNotEmpty(oAuthMessage.getRequest().getParameterMap())) {
                 oAuthMessage.getRequest().getParameterMap().forEach((key, value) -> {
                     if (ArrayUtils.isNotEmpty(value)) {
-                        params.put(key, Arrays.asList(value));
+                        diagnosticLogBuilder.putParams(key, Arrays.asList(value));
                     }
                 });
             }
-            LoggerUtils
-                    .triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params,
-                            OAuthConstants.LogConstants.SUCCESS, "Successfully received consent response",
-                            "receive-consent-response", null);
+            diagnosticLogBuilder.resultMessage("Successfully received consent response.")
+                    .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
+                    .logLevel(DiagnosticLog.LogLevel.ADVANCED);
+            LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
         }
 
         updateAuthTimeInSessionDataCacheEntry(oAuthMessage);

diff --git a/...uth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java b/...uth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java
@@ -103,6 +103,7 @@
 import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;
 import org.wso2.carbon.idp.mgt.IdentityProviderManager;
 import org.wso2.carbon.idp.mgt.IdpManager;
+import org.wso2.carbon.utils.DiagnosticLog;
 import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
 
 import java.io.IOException;
@@ -1075,17 +1076,16 @@ public static void storeOAuthScopeConsent(AuthenticatedUser user, OAuth2Paramete
                     }
                 }
                 if (LoggerUtils.isDiagnosticLogsEnabled()) {
-                    Map<String, Object> consentParams = new HashMap<>();
-                    consentParams.put("clientId", params.getClientId());
-                    consentParams.put("approvedScopes", userApprovedScopes);
-                    consentParams.put("user", userId);
-
-                    Map<String, Object> configs = new HashMap<>();
-                    configs.put("overrideExistingConsent", String.valueOf(overrideExistingConsent));
-                    LoggerUtils
-                            .triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, consentParams,
-                                    OAuthConstants.LogConstants.SUCCESS, "Successfully persisted oauth scopes.",
-                                    "persist-oauth-scope-consent", configs);
+                    DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
+                            OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "persist-oauth-scope-consent");
+                    diagnosticLogBuilder.putParams("clientId", params.getClientId())
+                            .putParams("approvedScopes", userApprovedScopes)
+                            .putParams("user", userId)
+                            .putParams("overrideExistingConsent", overrideExistingConsent)
+                            .resultMessage("Successfully persisted oauth scopes.")
+                            .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
+                            .logLevel(DiagnosticLog.LogLevel.ADVANCED);
+                    LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
                 }
             }
         } catch (IdentityOAuthAdminException e) {

diff --git a/...ain/java/org/wso2/carbon/identity/oauth2/authz/handlers/util/ResponseTypeHandlerUtil.java b/...ain/java/org/wso2/carbon/identity/oauth2/authz/handlers/util/ResponseTypeHandlerUtil.java
@@ -58,6 +58,7 @@
 import org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer;
 import org.wso2.carbon.identity.oauth2.util.OAuth2Util;
 import org.wso2.carbon.identity.openidconnect.IDTokenBuilder;
+import org.wso2.carbon.utils.DiagnosticLog;
 
 import java.sql.Timestamp;
 import java.util.Date;
@@ -303,27 +304,27 @@ public static AuthzCodeDO generateAuthorizationCode(OAuthAuthzReqMessageContext
                     ", validity period : " + validityPeriod);
         }
         if (LoggerUtils.isDiagnosticLogsEnabled()) {
-            Map<String, Object> params = new HashMap<>();
-            params.put("clientId", authorizationReqDTO.getConsumerKey());
+            DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
+                    OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "issue-authz-code");
+            diagnosticLogBuilder.putParams("clientId", authorizationReqDTO.getConsumerKey())
+                    .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
+                    .resultMessage("Authorization Code issued successfully.")
+                    .putParams("requestedScopes", OAuth2Util.buildScopeString(authorizationReqDTO.getScopes()))
+                    .putParams("redirectUri", authorizationReqDTO.getCallbackUrl())
+                    .putParams("authzCodeValidityPeriod (ms)", String.valueOf(validityPeriod));
             if (authorizationReqDTO.getUser() != null) {
                 try {
-                    params.put("user", authorizationReqDTO.getUser().getUserId());
+                    diagnosticLogBuilder.putParams("user", authorizationReqDTO.getUser().getUserId());
                 } catch (UserIdNotFoundException e) {
                     if (StringUtils.isNotBlank(authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier())) {
-                        params.put("user", LoggerUtils.isLogMaskingEnable ? LoggerUtils.getMaskedContent(
-                                authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier()) :
+
+                        diagnosticLogBuilder.putParams("user", LoggerUtils.isLogMaskingEnable ? LoggerUtils
+                                .getMaskedContent(authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier()) :
                                 authorizationReqDTO.getUser().getAuthenticatedSubjectIdentifier());
                     }
                 }
             }
-            params.put("requestedScopes", OAuth2Util.buildScopeString(authorizationReqDTO.getScopes()));
-            params.put("redirectUri", authorizationReqDTO.getCallbackUrl());
-
-            Map<String, Object> configs = new HashMap<>();
-            configs.put("authzCodeValidityPeriod", String.valueOf(validityPeriod));
-            LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params,
-                    OAuthConstants.LogConstants.SUCCESS, "Issued Authorization Code to user.", "issue-authz-code",
-                    configs);
+            LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
         }
         return authzCodeDO;
     }

diff --git a/...identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java b/...identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java
@@ -91,6 +91,7 @@
 import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.EXTENDED_REFRESH_TOKEN_DEFAULT_TIME;
 import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.INTERNAL_LOGIN_SCOPE;
 import static org.wso2.carbon.identity.oauth2.util.OAuth2Util.validateRequestTenantDomain;
+import static org.wso2.carbon.identity.openidconnect.OIDCConstants.ID_TOKEN_USER_CLAIMS_PROP_KEY;
 
 /**
  * This class is used to issue access tokens and refresh tokens.
@@ -485,11 +486,14 @@ public OAuth2AccessTokenRespDTO issue(OAuth2AccessTokenReqDTO tokenReqDTO)
             try {
                 String idToken = builder.buildIDToken(tokReqMsgCtx, tokenRespDTO);
                 if (LoggerUtils.isDiagnosticLogsEnabled()) {
-                    Map<String, Object> params = new HashMap<>();
-                    params.put("clientId", tokenReqDTO.getClientId());
-                    LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params,
-                            OAuthConstants.LogConstants.SUCCESS, "ID token issued for the application.",
-                            "issue-id-token", null);
+                    DiagnosticLog.DiagnosticLogBuilder diagnosticLogBuilder = new DiagnosticLog.DiagnosticLogBuilder(
+                            OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, "issue-id-token");
+                    diagnosticLogBuilder.putParams("clientId", tokenReqDTO.getClientId())
+                            .putParams("Issued claims for ID Token", tokReqMsgCtx.getProperty(
+                                    ID_TOKEN_USER_CLAIMS_PROP_KEY))
+                            .resultStatus(DiagnosticLog.ResultStatus.SUCCESS)
+                            .resultMessage("ID token issued for the application.");
+                    LoggerUtils.triggerDiagnosticLogEvent(diagnosticLogBuilder);
                 }
                 tokenRespDTO.setIDToken(idToken);
             } catch (IDTokenValidationFailureException e) {

diff --git a/...rc/main/java/org/wso2/carbon/identity/openidconnect/DefaultOIDCClaimsCallbackHandler.java b/...rc/main/java/org/wso2/carbon/identity/openidconnect/DefaultOIDCClaimsCallbackHandler.java
@@ -77,6 +77,7 @@
 import static org.wso2.carbon.identity.oauth.common.OAuthConstants.AUTHZ_CODE;
 import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCClaims.ADDRESS;
 import static org.wso2.carbon.identity.oauth.common.OAuthConstants.OIDCClaims.GROUPS;
+import static org.wso2.carbon.identity.openidconnect.OIDCConstants.ID_TOKEN_USER_CLAIMS_PROP_KEY;
 
 /**
  * Default implementation of {@link CustomClaimsCallbackHandler}. This callback handler populates available user
@@ -93,6 +94,7 @@ public JWTClaimsSet handleCustomClaims(JWTClaimsSet.Builder jwtClaimsSetBuilder,
             tokenReqMessageContext) throws IdentityOAuth2Exception {
         try {
             Map<String, Object> userClaimsInOIDCDialect = getUserClaimsInOIDCDialect(tokenReqMessageContext);
+            tokenReqMessageContext.addProperty(ID_TOKEN_USER_CLAIMS_PROP_KEY, userClaimsInOIDCDialect.keySet());
             return setClaimsToJwtClaimSet(jwtClaimsSetBuilder, userClaimsInOIDCDialect);
         } catch (OAuthSystemException e) {
             if (log.isDebugEnabled()) {

diff --git a/...on.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/OIDCConstants.java b/...on.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/OIDCConstants.java
@@ -27,6 +27,7 @@ public class OIDCConstants {
     public static final String IDN_OIDC_REQ_OBJECT_REFERENCE = "IDN_OIDC_REQ_OBJECT_REFERENCE";
     public static final String IDN_OIDC_REQ_OBJECT_CLAIMS = "STORE_IDN_OIDC_REQ_OBJECT_CLAIMS";
     public static final String HAS_NON_OIDC_CLAIMS = "hasNonOIDCClaims";
+    public static final String ID_TOKEN_USER_CLAIMS_PROP_KEY = "IDTokenUserClaims";
 
     /**
      * This class is used to define constants related to OIDC event specific features.